lab updates

2026-02-22 11:48:17 +00:00 · 2019-11-23 11:44:22 +00:00
parent 9db142ad60
commit 2e23a80c59
1 changed files with 11 additions and 52 deletions
--- a/scenarios/labs/introducing_attacks/8_vulnerability_analysis.xml
+++ b/scenarios/labs/introducing_attacks/8_vulnerability_analysis.xml
@@ -18,61 +18,20 @@ It is important for organisations to manage the security of their systems and fo
  <type>lab-sheet</type>
  <difficulty>easy</difficulty>

-
-	<system>
-		<system_name>windows_server</system_name>
-		<base platform="windows" distro="7"/>
-
-		<input into_datastore="IP_addresses">
-			<!-- 0 windows desktop -->
-			<value>172.16.0.2</value>
-			<!-- 1 linux server -->
-			<value>172.16.0.3</value>
-			<!-- 1 kali -->
-			<value>172.16.0.4</value>
-		</input>
-
-		<utility module_path=".*parameterised_accounts" platform="windows">
-			<input into="accounts" into_datastore="accounts">
-				<generator type="account">
-					<input into="username">
-						<generator type="random_word_generator">
-							<input into="wordlist">
-								<value>mythical_creatures</value>
-							</input>
-						</generator>
-					</input>
-					<input into="password">
-						<value>tiaspbiqe2r</value>
-					</input>
-					<input into="super_user">
-						<value>true</value>
-					</input>
-					<input into="strings_to_leak">
-						<generator type="flag_generator" />
-					</input>
-					<input into="leaked_filenames">
-						<value>flag.txt</value>
-					</input>
-				</generator>
-			</input>
-		</utility>
-
-		<!-- vulnerable ftp server -->
-		<vulnerability module_path=".*easyftp_rce"/>
-
-		<network type="private_network">
-			<input into="IP_address">
-				<datastore access="0">IP_addresses</datastore>
-			</input>
-		</network>
-	</system>
-
 	<system>
 		<system_name>linux_server</system_name>

 		<base platform="linux" distro="Debian 7.8" type="server"/>

+		<input into_datastore="IP_addresses">
+			<!-- 0 linux server -->
+			<value>172.16.0.2</value>
+			<!-- 1 not used -->
+			<value>172.16.0.3</value>
+			<!-- 1 kali -->
+			<value>172.16.0.4</value>
+		</input>
+
 		<!-- DirtyCOW vulnerability module leaves the debian 7 bases unpatched by default. -->
 		<vulnerability module_path=".*dirtycow.*">
 			<input into="strings_to_leak">
@@ -94,7 +53,7 @@ It is important for organisations to manage the security of their systems and fo
 		<!-- vulnerable wordpress -->
 		<vulnerability module_path=".*wordpress.*">
 			<input into="IP_address">
-				<datastore access="1">IP_addresses</datastore>
+				<datastore access="0">IP_addresses</datastore>
 			</input>
 		</vulnerability>
 		<!-- vulnerable IRC server -->
@@ -103,7 +62,7 @@ It is important for organisations to manage the security of their systems and fo

 		<network type="private_network">
 			<input into="IP_address">
-				<datastore access="1">IP_addresses</datastore>
+				<datastore access="0">IP_addresses</datastore>
 			</input>
 		</network>
 	</system>